Overview

Readiness requires continuous awareness of what assets and data are on the network and what is going on inside and outside the network — right now. It depends on a common operational picture: visibility and situational awareness across defense and tactical networks, comparison of internal activity and external activity on similar networks, and knowledge of restricted and unrestricted networks away from the battlefield.

Digital dependence breeds vulnerabilities that can be exploited by criminals, hackers, hacktivists, and well-resourced nations and non-state organizations. Readiness involves understanding the enemy — cybercrime. Knowing how hackers operate, what they are after, and the impact they can have on your network will help with your preparedness.

Overcome obstacles — A single picture can be difficult for organizations using compartmentalized controls and processes. For example, defense networks, especially military networks, rely on responsiveness and rapid access to data. Users and administrators perceive standard process-heavy security controls to be obstacles to agility. For this reason, many tactical systems are exempt from security audits and excluded from traditional risk management. Complicating change, stakeholders often hesitate to relinquish control over their cyberenvironments. However, weak controls and siloed systems prevent timely action against advanced targeted attacks and data breaches, including insider threats.

View a complete operational picture — McAfee cyber readiness solutions enable a continuous understanding of the entire protected network and the ability to assess risk dynamically across three key dimensions: on the network (network devices, endpoints, users, and data), inside the network (behavior), and outside the network (threat intelligence). McAfee combines solutions for discovery, prevention, detection, response, and audit within a centralized management console enriched with threat intelligence feeds. Collectively, these solutions help detect and remediate threats sourced from inside and outside the network — even advanced stealth attacks and zero-day threats.

Act on intelligence — An extensible data collection and monitoring framework within McAfee solutions fuses machine-to-machine (M2M) and threat intelligence with IT and mission data from endpoints, servers, databases, and applications — including network and system logs. These data streams feed rich analytics that support a proactive risk management posture: continuous monitoring, assessments, and forensic investigations on a large scale. They provide cyber readiness across the cybersecurity battlefield — on the front lines and throughout the networks that enable the mission behind the scenes.

Key Benefits

Silently detect and monitor assets as they traverse your networks
Passively discover and monitor assets (endpoints and servers), devices, applications, and data moving onto and between domains to reduce the chance of network disruption, data loss, and compliance violations — without intruding on operations or affecting battle command system performance.

Collect machine-to-machine intelligence from every source
Use a proven, scalable, and standards-based framework to capture the data required for consistent, holistic situational awareness spanning from secret and enterprise networks to battle command systems and tactical combat systems. Every component of the network is a producer and consumer of intelligence, creating a smarter, connected ecosystem that uses its own network as an intelligence source. This intelligence combines with indicators from other networks worldwide to help you pinpoint relevant internal and external activity that affects risk.

Construct a resilient system
Strengthen your ability to withstand attacks or failures and re-establish quickly. McAfee provides robust defense in the face of motivated persistent hackers, so you can cope with unknowns.

Link cyber risk to overall mission risk decisions
Incorporate local asset intelligence and global threat intelligence in decision making to manage risk more intelligently and confidently based on a complete, contextual, and accurate view of dynamic assets, risks, and countermeasures in IT and operational networks.

Centralize security data and operations to speed assessment and inform response
Streamline device management, threat monitoring, real-time analysis, and forensic investigation within a “single pane of glass” environment that includes data mined from network and system logs. Use tools to automate tactical processes so your team can focus on the events that matter most.

Products

Data Protection

Uses advanced network crawling technology to index sensitive data stored anywhere on your network and allows you to mine this information to quickly understand your sensitive data, how it is used, who owns it, and where it has proliferated.

Protects against insider threats. Recognizes TITUS metadata markings on any document and can use these markings as well as “fingerprints” to control the movement of sensitive data to removable devices or through email messaging (takes action such as release, block, restrict, or encrypt).

Enforces data policies within domains and across Internet, enterprise, and partner boundaries to help prevent data loss and misuse. Integrates with McAfee Email Gateway and McAfee Web Gateway to block leakage or theft of sensitive and TITUS-marked data through protocols including HTTP, IMAP, and FTP.

Scans the network for databases and also uses preset patterns to identify tables containing restricted information. Determines if the latest patches have been applied, tests for weaknesses, and then prioritizes and recommends remediations.

Risk and Compliance

Passively monitors network traffic to detect and characterize devices hidden on your network as well as smartphones, tablets, and laptops that come and go between scheduled scans, updating the asset database in McAfee ePO.

Using traditional active scanning plus the passive monitoring of the McAfee Asset Manager feature, this appliance delivers unrivaled scalability and performance that can keep track of the presence, configurations, and potential weaknesses of every asset and device on your network.

SIEM

Provides a common operational dashboard and rich, high-speed analytics that promote early threat detection and forensic readiness. Scales to absorb vast and varied data feeds — from asset and threat intelligence to machine-to-machine, network, and system logs — which it correlates with other security-related events to present a unified and coherent picture of risk.

Related Partners

Solera Networks
Offers full network forensics, analytics, and data retention for breach and forensic readiness. Solera Networks products can feed network logs into McAfee Enterprise Security Manager, adding these network data sources to the system logs of McAfee Enterprise Log Manager to give investigators rapid access to required data to assist response in the event of a breach.

Resources

Brochures

Through its optimized, connected security architecture and global threat intelligence, learn how McAfee delivers security that addresses the needs of the military, civilian government organizations, critical sectors, and systems integrators.

The interoperability between TITUS Document Classification software and McAfee Data Loss Prevention (DLP) further reduces your risk of data loss by capturing end users’ inherent knowledge about the sensitivity of documents and making that information available to McAfee host and network-based DLP as visual classification labels and corresponding metadata.

Learn about the three cyber-readiness solution requirements: continuous asset intelligence, risk assessment across IT and operational assets, and integration with computerized decision support systems.

The McAfee solution has two primary components: McAfee ePolicy Orchestrator (McAfee ePO) software and McAfee Enterprise Security Manager, with additional integrations to extend visibility and control across the entire security and compliance management environment.

The McAfee solution has two primary components: McAfee Firewall Enterprise and McAfee Network Security Platform. The McAfee Firewall and the IPS appliance both have add-on features that can optimize your visibility into the network. McAfee SIEM and other optional products help extend visibility and analytics to more aspects of network traffic.

Community

Blogs

Recent headlines (here and here) may have struck fear into those living near major energy installations due to references about the Stuxnet malware. In 2009, this particular strain of malware caused significant damage to the Natanz nuclear facility, reportedly destroying a fifth of Iran’s nuclear centrifuges. Recent reports about Operation Dragonfly, however, appear to be […]

At McAfee we’re dedicated to providing the most comprehensive and effective toolsets to defend against dangerous cyber threats. This mission is at the core of why we exist as a company. And as cybersecurity experts in DC, we recognize the important components that go into an effective cybersecurity strategy for government entities. These organizations need […]

This week, the experts at McAfee Labs released their latest quarterly threats report, which recapped emerging cyber-threats they saw at the end of last year. In addition to some of the trends we know of that afflict big companies and individuals, there are a number of interesting threats that affect users in the federal government […]

This week, President Obama released his annual draft budget for Fiscal Year 2015. The budget calls for reductions in defense, leaving the physical U.S. military at its smallest level since WWII. At the same time, spending levels for cybersecurity could be increasing – or at least they won’t be declining. This reflects a strategic realignment […]

This week, the city of San Francisco is hosting one of the biggest cybersecurity events of the year – the RSA conference. The meeting draws hundreds of prominent cyber exhibitors and thousands of guests, spurring a discussion on the cyberthreat landscape and the solutions companies are employing to keep us safe from bad actors on […]